What does OSINT stand for?
Open-Source Intelligence
What is OPSEC?
operational security – the practice of hiding yourself online by disassociating your online persona with your real self
What is a public exposure assessment?
How is OSINT useful to attackes?
aids in potentially effective social-engineering attacks, and spear-phishing email campaigns to be conducted, tailored to their intended targets to make them more believable
What is the process of collecting publically available information for malicious purposes commonly referred to?
target information gathering, or passive information gathering (because the attacker is not directly engaging with the target’s systems, such as port or vulnerability scanning)
Which roles utilize OSINT?
- Tactical Threat Analyst
- Strategic Threat Analyst
- Security Analyst
- Vulnerability Analyst
- Penetration Tester/Red Teamer
How does a Tactical Threat Analyst utilize OSINT?
- conduct intelligence operations, gathering information on adversaries that may target their organization
- stay up to date with the latest trends and techniques used by these groups, in order to implement defenses
- collect IOCs
How does a Strategic Threat Analyst utilize OSINT?
- conduct threat exposure assessments
- identify any information that the organization is “leaking” out on the internet
How does a Security Analyst utilize OSINT?
- checking the reputation of IOCs such as IP addresses (VirusTotal, IPVoid), or email addresses and file hashes (VirusTotal, IBM X-Force Exchange)
- investigating fake social-media accounts that are being used to launch social engineering attacks against employees
How does a Vulnerability Analyst utilize OSINT?
- crucial for this role to as they need to keep up to date with the latest publicly-announced vulnerabilities
- great OSINT source is the National Vulnerability Database and using TweetDeck to monitor Twitter for vulnerability-related news and disclosures
How does a Penetration Tester/Red Teamer utilize OSINT?
gain information about their target company, such as internal systems and employee information
What does the The Intelligence Cycle term describe?
a series of stages and procedures that a researcher has to perform to convert the collected data and information into intelligence products capable of bringing solutions to the organization
What are the 5 steps in the The Intelligence Cycle?
- Planning and Direction
- Collection (gathering of data and information)
- Processing of data and information
- Analysis to produce meaningful intelligence
- Dissemination of intelligence to the clients
What is determined in the Planning and Direction phase?
the purpose of research and what kind of information you are looking for
What is the objective of the Collection phase?
identification of which kind of processes you will use to carry out the collection of such information, and then, using all the techniques you know, obtain the data that will help you carry out your intelligence operation
What are the objectives in the Processing of data and information phase?
- visualization of the information
- application of decoding, decryption, validation, and evaluation techniques to filter the huge amount of information obtained
- identify useful data for the research
What is done in the Analysis to produce meaningful intelligence phase?
- compile all the information you filtered in the previous step to obtain the solutions to your initial problem
- creation of a coherent intelligence product (report, conference, etc.) that allows you to clearly explain the process you recently carried out
What is done in the Dissemination of intelligence to the clients phase?
deliver the product you developed throughout the process to the stakeholders (individuals or groups) that requested it
Why are the OSINT operations called a “passive operation”?
they are completely invisible and at no time will the individual or organization you are investigating realize who you are
What are the 3 techniques used for online fingerprinting?
- IP address
- cookies
- browser fingerprinting
What is Sock Puppetry?
a deceptive practice in which a single individual creates and controls multiple accounts or personas to manipulate or deceive others
What is the The Harvester tool used for?
command-line information-gathering tool that utilizes OSINT sources to gather information about the target domain and retrieves information such as hostnames, IP addresses, employees (and their positions), email addresses, and much more
How to use theharvester to do a simple reconnaissance on the domain google.com, using Google as the data source?
theharvester -d google.com -l 100 -b google
How to use theharvester to do a simple reconnaissance on the domain google.com, using LinkedIn as the data source?
theharvester -d google.com -l 100 -b linkedin
-
Defense Tools8
-
Log Analysis9
-
Indicator of Compromise (IoC)6
-
Vulnerability Analysis and Nessus14
-
XDR, EDR, XSOAR, SIEM, UEBA41
-
OSINT29
-
Forensics25
-
Phishing Analysis17
-
Responding to Cyberattacks7
-
Cybersecurity Positions3
-
MITRE Frameworks5
-
Malware Analysis Theory45
-
Threat Intelligence15
-
Handling Ransomware3
-
Commercial Defense Products12
-
Malware Analysis Practical15
-
Incident Response57
